Market overview of anti-fraud systems

[CUK77]

Anti-fraud in e-commerce and telecom has become a critical issue as remote banking (RBS), e-commerce and online financial services evolve. An overview of the Russian and foreign markets for anti-fraud systems will help organizations choose a means to prevent fraudulent transactions and transactions.

1. Introduction
2. Antifraud systems: principles of operation and main threats
2.1. The main types of fraud for online commerce
2.2. The main types of fraud for the telecom sector
3. World market of anti-fraud systems
4. Russian market of anti-fraud systems
5. Review of the domestic market of anti-fraud systems
5.1. BI.ZONE Fraud Prevention
5.2. Cybertonica
5.3. Group-IB Fraud Hunting Platform
5.4. JuicyScore
5.5. Kaspersky Fraud Prevention
5.6. Payler
5.7. Payture
5.8. YuMoney and YuKassa
6. Review of the foreign market for anti-fraud systems
6.1. BAE Systems
6.2. Bottomline Technologies
6.3. Ethoca
6.4. Kount (Equifax)
6.5. LexisNexis Corporation
6.6. NICE Actimize
6.7. SAS Institute
7. Conclusions

Introduction​

First, you need to decide what fraud means for telecom and e-commerce providers. In general terms, fraud is any operation in the infrastructure of a service provider that shows signs of fraud; an attempt to deceive the system for the provision of these services, to extract additional benefits bypassing contractual relations; theft of funds, including indirectly due to non-payment of the cost of the services provided, the consumption of services in excess of the pledged volume, etc.
Telecom market and e-commerce is in constant development, and the current situation of the pandemic has given this extra push in January 2020 was made 22.9 million online payments, and in November - 40% more than 32 million transactions, according to a report National Payment Card System (NSPK). In 2021, the trend continued, and, according to the ten largest banks, 70% of Russians have already switched to paying for goods and services using a smartphone. Accordingly, the fraud market is also adjusting to the development of e-commerce in general and to the development of telecommunications services in particular. The report of the General Prosecutor's Office of the Russian Federation for January 2020 noted that the number of crimes using electronic means of payment increased by 120%.
The number of customers who started buying goods on the Internet increased by about a third. The number of online payments, according to information from banks, has grown from 10 to 300% and continues to grow in 2021, according to estimates - up to 20% in 2021. Many consumer goods stores have strongly developed their online segment, closing some physical points of sale completely or changing their format to issue online orders. Other players of the online market are not lagging behind: in the first quarter of 2020, the revenue of online cinemas grew by 56% and then by 25–45% quarterly.
The main problem associated with fraud in these areas is liability. Who is responsible for protecting the end user from fraud? If you look closely, then a long chain is built, each link of which, to one degree or another, must protect the client from the attacker, just as the client himself must protect himself. And the first step in this chain is a representative of an e-commerce platform - a store, an electronic service provider.

Online fraud is closely related to ordinary banking fraud. The invited experts discussed protection against banking fraud as part of the Anti-Malware.ru broadcast "Systems of banking antifraud".

The experts identified three main scenarios for attacks on clients:

1. Social engineering. The victim herself provides her login and password from the online service account, or she is “bred” to send money, including withdrawing and transferring cash, which is more difficult to track.
2. Phishing is an attempt to force the victim to go to a fraudulent site with payments, discounts, advertising, promotions on goods and services, investing, lending, etc., and then enter personal data and bank card details.
3. Spyware. In this case, the client's data is stolen locally from his computer or by embedding malicious code into a web resource.

All of these scenarios are suitable for the implementation of fraudulent threats in relation to online commerce. They are located in this order for a reason: two years ago, anti-fraud solutions manufacturers focused on protection against malware, but with the development of the e-commerce market, it turned out that it is much easier for a fraudster to contact directly a client and prepare a trap site than to develop complex malware. The threshold for entering the first and second types of fraud scenarios is extremely low, it allows you to quickly adapt to various areas of online commerce, forming schemes to deceive not only the client, but also the online store as a whole, using shortcomings in promotional and bonus campaigns, loyalty programs and lack of monitoring reputational risks from the business owner,
If we talk about fraud in the field of telecommunications, then the current prices for the services of Internet providers or mobile operators are not high, it is difficult to deceive a client for a large amount at a time. However, there are two main areas of fraud in this area. The first is causing an indirect loss to the telecom company, in particular, by violating the rules for using services, connecting unregulated access points, “distributing” services to nearby residents, neighbors, and connecting to someone else’s equipment. This also includes the use of cellular communication channels to carry out spam mailings and the malicious exploitation of operator equipment - the organization of call centers, the purpose of which is attacks along the lines of social engineering.
Earlier, we explained how not to make a mistake in choosing an anti-fraud , and talked about the development of anti-fraud specialists as future analysts of the SOC service. We also recommend that you learn what the ideal cross-channel anti-fraud system looks like for banks and other financial institutions, and read the past overview of anti-banking fraud systems.

Anti-fraud systems: principles of operation and main threats​

Let's take a closer look at the basic principles of anti-fraud systems in the e-commerce and telecom market. The main factor influencing the successful functioning of antifraud is its integration into a specific niche of the customer's market. With regard to banking antifraud, the main issues are clear: protecting the client from theft of his funds, as well as minimizing the risks of losing the client's funds by the bank. Defense paths are also defined:

1. Rule-Based Approach - Pre-known risk factors allow for a standard set of metrics and rules.
2. Machine learning - the formation of patterns of customer behavior and new rules based on large volumes of metrics. It requires the attention of a specialist, since at the stage of the beginning of operation there are a large number of false-positive decisions. The method is effective for large volumes of incoming information, the time for parsing operations for manual analysis is reduced, but structured data with markup is required, which is not suitable for all business systems.
3. Anomaly detection for a user profile (digital fingerprint) - responding to anomalies in the generated profile when the client's behavior goes beyond the usual.
4. Responding to external signals - analysis and processing of information about events that come “at the moment in the market” from open sources or from the fraud monitoring system itself within the framework of Threat Hunting subscriptions.

It follows from this that the anti-fraud systems of e-commerce and telecom work and protect the business systems and the end user in a similar way, but based not only on the information generated on the basis of money transfers, but also on the mass of other data - the country from which the order was made, delivery address, change in the payment method and currency, a sharp change in the composition of the usual order basket for the user's profile and preferences, change of device. This is just an example of a dataset, companies that develop anti-fraud systems offer a wide range of customizable patterns for each stage of the life cycle, from the user's login to their personal account in an online store and ending with the moment of delivery of a product or service.

The main types of fraud for online commerce​

1. Friendly fraud. An unscrupulous customer orders goods and pays for them with a bank card or from his own account, and then initiates a chargeback (chargeback), claiming that the card or account data was stolen by a fraudster. In case of success, the funds are refunded, while the client remains with the purchased product or the provided service. To complicate the analysis of the situation, a fraudster through a proxy can change his location and indicate a different delivery address than the usual one.
2. Another popular method is pure fraud. Its essence lies in accessing bank card data and trying to pay for goods and services before the owner discovers compromise and loss of funds.
3. Hacking an account in an online store. This is usually done through phishing or social engineering with further gaining access to the client's personal account, where in some cases bank cards are already linked from which it is possible to make a purchase. Account hacking can also be carried out during brute-force attacks, where there is no second protection factor - two-factor authentication - and there are no security settings for entering a personal account, for example, restrictions on the number of login attempts.
4. Trading fraud: the sale of goods at prices below market prices without subsequent delivery. It is also used to collect personal data of customers and bank card data.
5. Fictitious online store. The sole purpose of such an online store is to collect personal data of customers and bank card parameters. To increase the lifespan of a fictitious store, a fraudster can use these cards to make real purchases and deliver goods of lower quality or less volume to the client, keeping part of the funds for himself. Also, with a sufficient set of data, the customer base can be sold.

It is worthwhile to study fraud when providing telecom services separately. As previously mentioned, scenarios in this market differ from banking fraud and e-commerce fraud. How to detect fraud in telecommunications? The answer is to fine-tune and ensure that anti-fraud systems are in line with a specific task in relation to niche market requirements and an attacker model.

The main types of fraud for the telecom sector​

1. Violation of the terms of the service agreement, including unauthorized access to services. Examples include the transfer of communication services to a third party, the sale of corporate tariffs to third parties, the sale of SIM cards that are registered to third parties without their knowledge, the use of the Internet by several consumers who are not included in the contract.
2. Compromise of personal devices of subscribers, infection or hacking of mobile phones and home routers.
3. Creation of unregistered communication channels on the equipment of the operator, the use of equipment for other than its intended purpose, including for fraudulent purposes, the provision of third-party services of unregistered content provider.
4. Hacking a client's personal account, subscribing to paid services and services, including those provided by third-party companies.

Comparing incidents in the field of fraud for e-commerce and telecom, the following main difference can be distinguished, on which it is worth starting to build protection: in the first case, not only the online store, but also the issuing bank is engaged in the analysis of fraudulent transactions, and its own security requirements are also observed on the part of Visa and MasterCard payment systems, which, in particular, protect the store from fraudulent chargeback by equating operations with 3-D Secure with operations confirmed by the client's PIN code and cannot be challenged if the services were provided to the payer in full. In addition, payment systems regulate the transfer of responsibility for fraudulent payments from the store to the issuing bank if the store supports the 3-D Secure protocol, but the issuer or its specific card does not. In turn, protection against fraud in the telecom sector (including the search for anomalies in the operation of their systems and equipment, work with deceived customers and other consequences of illegitimate exploitation of their infrastructure) is the responsibility of the service provider itself. In the event of fraud detection and its suppression, law enforcement agencies work already after the fact, when damage, monetary or reputational, has already been inflicted on the service provider and the client.
Then we turn directly to the market of anti-fraud systems, Russian and global, as well as to the main trends in protection against threats of fraudulent fraud in the field of telecom and e-commerce.

World market of anti-fraud systems​

The main directions of development of the market for anti-fraud systems for e-commerce and telecom are aimed at meeting the rapidly developing market for remote sales of goods and services. Payment service providers' revenue is growing at an average of 21% per year. After 2019, the trend continued, the share of digital commerce increased, even taking into account the fact that some of the services (for example, travel and mass cultural events) became unavailable to customers, having won back and increased their positions in other areas of the market. Analyzing sentiment and trends on social media also shows an increase in inquiries about online commerce, Gartner notes (Figure 1).

Figure 1. Intensity of Social Media Contactless Payments According to Gartner

[/B]

Also, according to a report by analysts from MarketsandMarkets, the global market for anti-fraud systems will grow from $ 20.9 billion in 2020 to $ 38.2 billion by 2025 amid an increasingly extensive transition to digital technologies and online marketing technologies.
Another trend in the field of e-commerce is the development of software development in the context of embedding (integration) of payment gateways into online stores and applications for mobile phones. Providers of similar services, such as Stripe and PayPal, in connection with these trends, continue to build up their positions, helping digital companies such as Shopify, Mindbody, Uber, Lyft develop.
Based on these trends, companies - providers of anti-fraud solutions are actively involved in the provision of their services and integration with existing payment gateways, helping them manage fraud detection processes. In many cases, digital commerce payment gateway service providers combine the gateway itself with payment processing, acquiring, payment security, and fraud detection all in one place.

Listed below are the most famous global companies that implement and provide services for protection against fraud in e-commerce and telecom:

• BAE Systems.
• Bottomline Technologies.
• Ethoca.
• Kount (Equifax).
• LexisNexis Corporation.
• NICE Actimize.
• SAS Institute.

Russian market of anti-fraud systems​

The requirements for antifraud systems in the Russian segment of online commerce are growing. The news about a steady increase in the number of cases of massive online fraud adds fuel to the fire:

• In September of this year, the deputy chairman of the board of Sberbank announced that Russia is the leader in the number of phishing sites in the world. The main message is that such sites are extremely slow to be detected and just as slow to be blocked.
• The quality of the fraudulent infrastructure is also growing, phishing resources are disguised as legitimate money transfer services. Experts emphasize that these sites can force the victim to transfer funds to the accounts of fraudsters under the guise of buying goods and services.
• In the same September, Infosecurity specialists discovered sites that were counterfeit stores of well-known brands: from Auchan and O'Key supermarkets to digital technology chain stores such as Citylink and DNS. The phishing site of the telecom operator Tele2 was also discovered.
• In October this year, BI.ZONE specialists discovered 188 phishing sites that pretend to be the official resources for the AvtoVAZ car raffle.

This news leads to the idea, which was also discussed by experts in the framework of the Anti-Malware.ru broadcast: fraud is developing intensively and anti-fraud systems cannot always keep up with new trends. The solution is cooperation: any anti-fraud system should be able to exchange information about fraudulent scenarios, trends and waves of new customer fraud schemes. An important aspect of the response is the flexibility of configuring the anti-fraud system itself, which allows it to correspond to the current realities of fraud in the online market for goods and services. The number of sources for data analysis also plays a significant role in how anti-fraud system algorithms make decisions.

Below we have listed the vendors who implement and provide services for protection against fraud in e-commerce and telecom organizations in the Russian market:

• BI.ZONE.
• Cybertonica.
• Group-IB.
• JuicyScore.
• Kaspersky.
• Payler.
• Payture.
• YuMoney and YuKassa.

Review of the domestic market of anti-fraud systems​

BI.ZONE Fraud Prevention​

BI.ZONE offers BI.ZONE Fraud Prevention, an adaptive cross-channel fraud prevention system. The solution is suitable for both banks and e-commerce, healthcare system, loyalty programs, online service portals for citizens, the gaming industry and other areas.
BI.ZONE Fraud Prevention checks and blocks suspicious transactions in real time with a response speed of up to 0.1 seconds. The solution identifies potential fraud and threats, both based on rules and by identifying abnormal user behavior. It includes modules for protecting payment transactions, deep session analytics and global profiling, and detecting anomalies on devices. The BI.ZONE ThreatVision module allows you to check confidential data for the presence of reputation lists collected in all segments of BI.ZONE coverage.

Figure 2. Dashboard with threat statistics

The main advantages of BI.ZONE Fraud Prevention:

• Tight integration of transactional and session analytics to achieve the highest potential fraud detection rates.
• Adaptability of the solution: a flexible platform with closely integrated modules. The ability to integrate each module separately.
• Cross-channel monitoring - detection of fraud schemes flowing from one channel to another due to the analysis of transactions in real time from all channels: RBS (web and mobile), card issue, acquiring, 3DS.
• Up-to-date knowledge of the types of fraud: the ability to prevent the latest fraudulent schemes due to the fact that BI.ZONE has aggregated information about events in all points of presence of the company.
• Stable performance under high loads: a time-tested scalable architecture that has proven its reliability in the largest organizations in the CIS.

BI.ZONE Fraud Prevention is included in the register of domestic software.
A more detailed overview of the system can be found on the BI.ZONE website.

Cybertonica​

The company provides an anti-fraud platform for banks, acquirers, payment aggregators and online stores. Founded in 2015, is a resident of Skolkovo, nVidia Inception, Cisco IDEAHub, SAP.
Based on machine learning technologies, it implements risk assessment directions, forming adaptive dynamic security rules and a digital user profile, collecting and checking client behavior patterns in a browser or mobile application, technical parameters of the browser itself and the client's device in real time.

Figure 3. Cybertonica system interface

In addition to its own developments, the company has subscriptions to Threat Intelligence channels, from where it takes lists of compromised cards and authorization data, unwanted IP addresses, malware, and suspicious organizations. For online commerce, the platform reduces the cost of SMS mailings by identifying inappropriate authorizations and registrations and minimizes the likelihood of transactions using stolen payment means.
Currently, the area of protection of the Fast Payment System is actively developing. In particular, projects have been implemented at MTS Bank and Metallinvestbank.

Figure 4. Conceptual diagram of the protection of the UPS service from Cybertonica

The main advantages of the system are:

• Rapid deployment and integration with client systems - 8 weeks, testing can be started in 2-3 weeks.
• Prompt reduction of expenses for SMS-mailings by identifying inappropriate authorizations and registrations.
• Flexible configuration of anti-fraud rules to minimize the likelihood of transactions using stolen payment means.

More information about the product can be found on the company's website.

Group-IB Fraud Hunting Platform​

Group-IB has been providing information security, audit, cyber incident investigation, computer forensics and consulting services since 2003. Group-IB Fraud Hunting Platform (until 2020 - Secure Bank / Secure Portal) is a separate solution to protect against fraud.

In its solution, the company provides protection against a variety of fraud vectors aimed at both the banking sector and online commerce:

• Identification of payment fraud committed with the use of spyware, social engineering.
• Blocking bots, including those imitating user behavior.
• Anti-money laundering, including the detection of illegal cash-out networks and tax evasion schemes.
• Improving the user experience by eliminating unnecessary security check steps.
• Reducing business costs by reducing the number of checks.
• Detection of "bonus" fraud, including theft of points from online stores and airline miles.
• API protection from unauthorized use by bots.

Figure 5. Interface of the Group-IB Fraud Hunting Platform system

[/B]

The main modules of the Group-IB Fraud Hunting Platform are Processing Hub, where parsing, enrichment, correlation of incoming information with further analysis of behavior and events are performed in a single interface, Preventive Proxy, which provides proactive protection of online resources from bots, as well as Web Snippet and Mobile SDKs that collect information within a web browser and mobile application, respectively.

Separately, it should be noted that the company not only preventively eliminates threats of fraud implementation, but also identifies fraudsters and their infrastructure for further investigation. Let's highlight some of the main advantages of the Fraud Hunting Platform:

• The product is present in the register of domestic software.
• The system provides a wide range of tools for analyzing, visualizing and searching for events, investigating incidents and detecting fraudulent schemes.
• The system is backed by the Group-IB team of experts who investigate fraud and criminal schemes.

A more detailed overview of the system can be found in the materials of our website.
Detailed product information is available on the company's website .

JuicyScore​

The first commercial launch of the JuicyScore platform took place in 2016, after which the company began to grow rapidly, opening offices in 11 countries around the world and updating its API to the current 11th version in 2019. The company provides access to tools to reduce risks and increase the level of availability of financial products via the Internet through technologies for authenticating the client's device, collecting and analyzing data about the device.

JuicyScore anti-fraud technology collects and analyzes large amounts of data without using personal data of clients:

• more than 50 thousand metrics based on information about the client's device,
• more than 70 attributes based on user behavior data, including the number of logins, the presence of related statements with signs of fraud, the number of corrections on the page during data entry, etc.,
• about 30 attributes characterizing the Internet connection (the presence of proxy / TOR and other anomalies, the type of connection, the date the IP address appeared, etc.),
• more than 40 attributes for device data, including device type, operating system characteristics, markers for signs of device manipulation,
• more than 60 attributes for the software installed on the device, including information about the browser, application software, etc.

Figure 6. Conceptual diagram of the JuicyScore API connection

The company also monitors operational indicators around the world, expanding the ability to identify and search for new types of fraud and prompt response to waves of fraud, strengthening its qualifications.
The product is constantly evolving, in 2021 an API update was released - the new version of JuicyScore API v.13 has a number of new functions and continues to develop existing developments.

Among its advantages are the following:

• Added 28 more input attributes, which makes their spectrum, according to the manufacturer's information, the widest existing solutions on the market.
• The stack of device authentication technologies has been expanded, in the new generation there are 31 of them, which makes the digital fingerprint more stable.
• The stack of technologies and algorithms for detecting malicious programs has been significantly revised and supplemented, which now includes more than 350 elements.

More information about the product can be found on the company's website.

Kaspersky Fraud Prevention​

The online fraud prevention solution from Kaspersky Lab for protecting organizations' digital channels improves the user experience and reduces the cost of additional authentication by providing a high level of security and detecting suspicious activity in real time. Flexible incident management and digital forensics capabilities can significantly reduce the operating costs of large companies.
In terms of e-commerce, the company offers in-depth analysis of user sessions not only to achieve a guaranteed result of protection against fraudulent threats, such as account theft and bot actions, but also to increase the level of convenience and loyalty of a legitimate user. To protect businesses from these threats, behavioral analysis and biometrics are used, as well as device and environment analysis to build models of legitimate and fraudulent behavior. Based on the generated digital profile, not only during authentication, but throughout the entire business session, the Automated Fraud Analytics and Advanced Authentication modules monitor hundreds of indicators in the environment and actions of the client, making it possible to distinguish the activity of a fraudster from the operations of a client, bots from a living person,

Figure 7. Interface of the Kaspersky Fraud Prevention system

The company calls the main advantages of detecting suspicious activity in real time, more accurate detection of various fraud scenarios, identifying fraudulent groups using a global system for collecting information on reputation and unique device fingerprints, and detecting money laundering. The complex generates ready-to-use incidents for internal monitoring systems, offers advanced investigation capabilities with a multifunctional user interface, and reduces the cost of two-factor authentication. In addition, it uses historical data analysis to improve detection rates, detects suspicious activity at an early stage, and helps comply with local laws.
Separately, Kaspersky Lab offers anti-fraud services for telecom providers in the same way as in e-commerce services, in particular, user verification, account theft detection, fraudulent behavior detection, including transactions with subscription to services, improving usability for legitimate clients, the use of advanced technologies together with global expertise.

The main advantages of the platform are the following:

• The product is present in the register of domestic software.
• An extensive online analysis of all available data sources is available - from those provided by the customer to the collection of anonymized biometric behavioral patterns of the user.
• The manufacturer has many years of experience in countering fraudsters and cybercriminals, investigating incidents and monitoring global attack vectors.

More information about the product can be found on the company's website.

Payler​

The company provides payment gateway services with free anti-fraud, if the client's resource is already connected to the payment service. In other cases, PAYLER offers connection services via API or can sell the product for private licensed use for placement on the customer's own site - for example, in the infrastructure of a bank or a processing center.
Based on the proposed default patterns, the customer has the right to independently compose and adjust a set of rules and metrics regarding his business model. Access to your personal account is provided, where all information about payments and transactions of clients is visualized. There, on the basis of the collected statistics, it is possible to cancel the 3-D Secure check for some of the trusted clients, skip a payment with 3-D Secure, or completely reject it.

Figure 8. Payler system interface

When a payment is received, the system carries out the following verification procedures: logical - control of transactions at the time of execution and after the fact for compliance with the specified rules; scoring - a probabilistic assessment of the integrity of a transaction (also at the time of the transaction and after the fact); detection of anomalies - analysis of transactions for unforeseen bursts of fraudulent activity that do not fall under logical rules and profiles; profiling - control of transactions at the time of execution and after the fact for compliance with the profiles of the fraudster and the legitimate payer.

According to information from the manufacturer, the anti-fraud system was created specifically for online commerce with minimal negative impact on a respectable customer:

• Makes a decision on a transaction in 0.3 seconds, gives an error of less than 0.1%, works with an accuracy of 99.9%.
• The system can independently make decisions on changing protection settings using machine learning in real time.
• Thanks to profiling for online business, the system is easy to integrate: it is possible to accept the first payment in 7 days.

More information about the product can be found on the company's website.

Payture​

Payture is an international processing center that was founded over 11 years ago. Today it is one of the leaders in the Russian payment industry, among whose clients are VTB, Tinkoff, Raiffeisenbank, QIWI, Otkritie Bank, Alfa-Bank and other major financial institutions, as well as organizations from other areas: transport and travel, retail, housing and communal services, cleaning, taxi and car sharing.
Similar to other offers on the market, Payture Internet acquiring clients can activate anti-fraud free of charge. The system provides a set of narrow-profile metrics and settings for different sectors of online business: for example, in the travel industry, to assess the risk of fraud, not only the standard available metrics are taken into account, but also the number of days before the flight, as well as the direction of the flight.

Figure 9. Payture system interface

One of the advantages of its anti-fraud system, in addition to the well-known comparisons of the client's digital profile and the developed monitoring rules, the company calls the module of behavioral analysis Device Fingerprinting. It takes into account and analyzes a large number of parameters:

• device type and model, operating system,
• browser and its version, installed plugins,
• language settings,
• screen resolution, color depth,
• Timezone,
• set of fonts,
• Payture digital fingerprint in browser,
• battery charge level,
• time from the moment of loading the template to the beginning of data entry,
• run of the mouse cursor,
• the speed of filling in the payment template fields.

More information about the product can be found on the company's website .

YuMoney and YuKassa​

YuMoney is an IT company that deals with electronic payments on the Internet and not only, creates and maintains financial services for people and businesses. YuKassa is a YuMoney service launched in 2013. Responsible for payments for businesses. Together with the Yandex.Kassa API, the company has collected all possible online payment methods and new options for business development for its customers.

Antifraud service from UKassa is provided free of charge as part of a payment gateway connection. This solution is suitable not only for banks, but for other participants in the online transaction market:

• Online stores - will help to identify customers who abuse bonus programs and discounts, weed out scammers using one-day accounts and newly created virtual cards.
• Online games - will provide an opportunity to check customer authentication, generate digital profiles of players in order to protect the user from account hacking and theft of game currency.
• Payment services - will offer improved interaction between the customer and the store, the application of a risk-based approach to cancellation of 3-D Secure for loyal and verified customers.
• For advertisers - it will help you to find out exactly if advertising sites are increasing traffic and conversions.

Figure 10. System interface together with Yandex.Kassa

As part of the rejection of 3-D Secure, the system operates with the concept of tags; depending on the assigned label, the payment system decides what to do with the transaction. For example, for regular customers who can be trusted, it removes additional checks, for transactions with a yellow tag, it uses standard checks (asks to confirm the operation with a fingerprint or a code in an SMS message using 3-D Secure technology), and refuses for "red" transactions in payment - the money remains on the card.

The manufacturing company considers the following to be the main advantages of its system:

• It is possible to start selling goods and services without having a website - only by providing an account in your personal account, which is convenient for connecting self-employed clients.
• An extensive package of modules for quick integration into online stores.
• Experience in protecting payments not only for online stores, but also for other areas of business - from online games to advertising.

More information about the product can be found on the company's website .

Review of the foreign market for anti-fraud systems​

BAE Systems​

BAE Systems, in addition to developments in the aerospace industry, weapons systems and intelligence, is developing information security tools, in particular, anti-fraud systems. One of the company's developments is the NetReveal product designed to provide anti-fraud services to the insurance business.
This anti-fraud solution provides insurers with the ability to detect, investigate and prevent fraud throughout the insurance lifecycle. NetReveal Insurance Fraud delivers fast out-of-the-box deployment and benefits from day one with a rich library of customizable rules and machine learning algorithms, enriched with pre-existing fraud indicators, blacklists and other insurance market intelligence. It also allows you to automate the process of checking new customers based on various risk indicators and reputation from other sources.

Figure 11. Conceptual diagram of NetReveal

One of the vendor's clients is Zurich Insurance Group, the largest insurance company in Switzerland, which, by its own example, together with BAE Systems, has implemented several work cases for combating insurance fraud. The main challenges were the development of a new antifraud market in the field of insurance, the lack of experience and lack of information in the world community in this area, as well as the inclusion in analytics of social networks, car trading sites, handling customer claims, and adjusting the risk model for insurance operations.

The company calls the main advantages of its anti-fraud solution:

• Extensive experience and developments in the field of information security, including in the military sphere.
• A large staff of specialists with experience in combating fraud in various areas of business, willingness to develop and support clients on many issues of business protection.
• Significant participation in monitoring global information flows to track the facts of hacking of web services and prompt response to waves of fraud and fraud, theft of personal data.

More information about the product can be found on the company's website .

Bottomline Technologies​

The Israeli division of the international corporation Bottomline Technologies develops a family of CFRM (Cyber Fraud and Risk Management) solutions for combating fraud, combating money laundering and terrorist financing (AML / CFT) and financial risk management. CFRM solutions from Bottomline Technologies minimize such risks for government organizations and companies in banking, insurance, telecommunications, retail, logistics, industrial and other areas.
The product is also used in the post-Soviet space - three banks from the top 10 in Russia, more than 20 implementations in the CIS. The system prevents cross-channel fraud scenarios, analyzes the transaction flow in real time, and automates the incident investigation process.

Figure 12. Bottomline system interface

As examples of non-bank implementation, one can note the implementation of projects in non-residential real estate rental companies - Taubman and Washington Prime Group. These companies consolidated their payment statistics, discounts, settlements with tenants, centralized debt and other financial and non-financial processes, including in order to reduce money losses and speed up payments.

Among the advantages of the system are the following:

• Allows you to prevent cross-channel fraud scenarios in various organizations, including banks, payment systems, retail, gas station networks, government agencies and others.
• Not only analyzes the transaction flow in real time, but also automates the incident investigation process.
• As an international company, the vendor provides a wide range of anti-fraud services, including the formation of rules for responding to fraud.

More information about the product can be found on the company's website .

Ethoca​

In 2019, MasterCard acquired Ethoca, one of the leaders in the provision of protection against fraudulent chargebacks, by being able to provide its customers with access to detailed information about purchases in banking mobile applications. MasterCard is working with issuing banks to introduce a new industry standard so that by 2022, customers will have access to expanded information about transactions in digital banking channels.
The Ethoca network unites more than four thousand financial institutions around the world. When a suspicious transaction is detected, information is sent to the merchant, which enables it to approve, suspend or cancel this transaction and thus subsequently avoid a request for a refund.

Figure 13. Official statistics from the MasterCard-Ethoca blog

In addition to the merger with MasterCard, the company provides its own fraud prevention services. Here, clients include South African Airways, the national carrier and largest airline in South Africa, or Build with Ferguson (build.com), a major US construction online retailer.

Strengths of the system:

• Participation in customer protection and joint work of the vendor with one of the largest international payment systems - MasterCard.
• A global network of partnerships between merchants and card issuers for the widespread exchange of fraud information.
• Prompt fraud alert to seller prior to shipment.

More information about the product can be found on the company's website .

Kount (Equifax)​

The company, which appeared in 2006, managed to establish itself as an expert in providing banking antifraud and e-commerce protection services, and in 2021 became a partner of Equifax, one of the largest credit bureaus. It holds over 30 patents in the field of digital services.
Kount is a prime example of a multi-market service provider. In particular, its solutions are implemented in the processes of customer protection and self-defense of such enterprises and organizations as BP (transnational oil and gas company), Baskin Robbins (operator of snack-food chains), Arc'teryx (chain of clothing and equipment stores for extreme sports), Canada Post (Canadian Postal Service). To efficiently provide security services, Kount uses a variety of customer data channels, similar to the anti-fraud systems in the banking sector.

Figure 14. Conceptual diagram of how Kount works

The core of the security system is Kount's Identity Trust Global Network - a fraud data transmission network. Kount uses two types of machine learning to generate robust real-time security assessments of transactions. Operator-assisted machine learning evaluates past customer engagement decisions and, without operator intervention, detects new fraudulent attacks, identifies fraud risks in accordance with the customer's reputation.

System advantages:

• Participation in risk assessment processes together with Equifax based on their products and algorithms allows you to more successfully fight against fraud.
• The system can be modified and finalized taking into account the specific needs of small, medium and large businesses.
• The collection and processing of information is carried out by means of machine learning and covers data streams from many world markets.

More information about the product can be found on the company's website .

LexisNexis Corporation​

LexisNexis Risk Solutions, a US company, provides customers with decision-making products and tools that combine public and industry-specific content with cutting edge technology and analytics to help assess and predict risk and improve operational efficiency.
In particular, the company offers LexisNexis ThreatMetrix, an enterprise solution for digital data mining and digital authentication. By combining analytics from transaction data using machine learning technologies, the system helps keep transactions flowing while improving the efficiency of fraud protection and security risk management with an end-to-end decision-making platform.

Figure 15. LexisNexis Intelligent Investigator System Interface

The product helps telecommunications companies solve problems such as identifying customers, identifying them from fraudsters who register SIM cards or perform transactions with fake credentials and details of stolen bank cards. The product can also solve more complex problems of telecom companies - recognition of subscriptions to paid services using stolen customer accounts, detection of attempts to steal these accounts and conduct fraudulent financial transactions with them - based on digital profiles, distinguishing a trustworthy client from an attacker, spreading the so-called "Trust labels" that characterize each specific user.
A separate area is the assessment of the provision of medical services: reducing risks, ensuring compliance with legal requirements, increasing patient engagement and improving results through the analysis of data on consumers, suppliers and regulatory requirements. LexisNexis Intelligent Investigator delivers data and analytics, rules and algorithms to prioritize and respond to potential fraudulent activities.

The main features of the system are:

• The vendor has extensive experience in collecting, processing and analyzing information on the Internet: in 2019, the company was recognized as a leader in the field of search and tracking of news content.
• Support for making decisions on transactions based on any available information coming from the client, with its enrichment with its own data arrays.
• The collection and processing of information occurs through a variety of channels - news, transaction trends, own analytics.

More information about the product can be found on the company's website.

NICE Actimize​

Founded in 1999 in the United States, NICE Actimize is the largest provider of financial crime, risk mitigation and compliance solutions for regional and global financial institutions (Citibank, Societe Generale, Barclays), government regulators ... The product is also used on the Russian market, for example, by VTB Capital, Otkritie Bank and Alfa-Bank.
Actimize provides a range of products aimed at comprehensive anti-fraud in various business areas, such as access and customer account management, banking anti-fraud, card and online payments. Analytics and consulting are also provided, including mechanisms to control and reduce the risks of fraudulent transactions. The company's portfolio includes solutions IFM-X (anti-fraud platform), X-Sight (risk analysis and assessment), XSeed (cloud service for combating money laundering and fraud).

Figure 16. X-Sight data sources and processing modules

The main advantages of the system:

• Providing a wide range of services in the field of countering banking fraud and fraud in online commerce, the platform has a large number of customization options for a specific client.
• The system has tools for analyzing and maintaining the full cycle of each case of fraud, allowing you to start cases and conduct internal investigations.
• On the basis of cloud solutions, all fraud cases are collected, consolidated and analyzed, cases for each client are collected and processed.

More information about the product can be found on the company's website.

SAS Institute​

A US company providing services for financial and data analytics and risk management supplies SAS Anti-Money Laundering. The main features of this solution are extensive capabilities for data management, analysis and visualization, the creation of hypotheses and recommendations. There is also the possibility of administering and investigating incidents on a single platform, including checking clients and identifying them regarding the risks of fraud, followed by the provision of regulatory reporting. One of the new clients of the platform from the Russian market is Rosbank, which implemented SAS Anti-Money Laundering in 2021.
One of the most important features of the solution is the ability to monitor transactions in real time. SAS AML includes the SAS Visual Investigator tool, which provides ample opportunities for analyzing operations at the time of their execution, and also allows you to visualize and identify complex relationships between objects of investigation.

Figure 17. Anti-Money Laundering system interface

The product provides such anti-fraud features as self-configuring the rules for detecting fraudulent schemes, providing an interface for investigating incidents and generating reports, tools for analyzing and detecting new fraud schemes. Analysis and processing of information from various sources, online control of cash flow, generation of notifications based on analytics and machine learning mechanisms, information from our own database and external cloud sources, as well as provision of reporting in accordance with regulatory requirements are performed.

Among the main advantages of the system are the following:

• The manufacturing company itself is a developer of programs for analyzing information on financial and risk management and has extensive experience in these areas of customer data protection.
• Through its many areas of activity, SAS Anti-Money Laundering tracks a large number of risk factors, analyzing huge amounts of data within minutes.
• Provides an interface for incident investigation and reporting.

More information about the product can be found on the company's website.

Conclusions​

The purpose of the review was to show that anti-fraud systems allow us to cope with new threats to the development of fraud in the field of not only banking services, but also other services where there is a risk of harm to the end user or loss of reputation / money of the service aggregator - an online store, a telecommunications company, a network of gas stations, air and rail services, an insurance and medical care provider. It is possible to choose your own anti-fraud for each type of service. In addition, anti-fraud vendors provide comprehensive analysis, reporting, and compliance with local anti-fraud requirements.
The sharp transition to remote services over the past two years has made adjustments to the global strategy for the development of e-commerce systems and the development of the online services market. Anti-fraud companies have had to quickly adjust to new challenges in online fraud, as well as new requirements from regulators and customers. Another major challenge is the lack of a sufficient number of qualified security specialists. Organizations that hire anti-fraud specialists often lack the necessary competencies to analyze and identify complex fraud cases. Now is the time to develop not only anti-fraud protection systems, but also the competencies of the employees involved in anti-fraud protection.

(c) anti-malware.ru

 

[zaibatsu]

antifraud